Devices and Method for Detecting and Addressing Anomalies in Data Retrieval Requests

ABSTRACT

Described are processing devices for detecting and addressing anomalies in data retrieval requests. According to some aspects, the processing device(s) are part of a first entity computing system and receives data retrieval request(s) from a second entity computing system. The processing device(s): extracts profile identity data, data retrieval parameter(s) and request type data from the data retrieval request(s); and retrieves data retrieval rules comprising an indication that the requested is to be retrieved automatically and historical retrieval request data associated with the second entity computing system comprising at least one prior data retrieval request of the second entity computing system. In response to determining that the data retrieval request comprises a request anomaly based on the historical retrieval request data, the processing device(s) generates and transmits alert data for receipt by a computing device and receives reply data responsive to the alert from the computing device.

CROSS-REFERENCE TO RELATED APPLICATIONS

The present application claims priority from U.S. Provisional Patent Application No. 62/402,529 filed on Sep. 30, 2016, the contents being incorporated herein by reference.

FIELD

The specification relates generally to the retrieval of data in response to data retrieval requests, and specifically to devices and methods for detecting and addressing anomalies in data retrieval requests.

BACKGROUND

Situations may arise in which a computing system or device associated with a first entity, such as a government department, receives requests to automatically retrieve and transmit data to a computing system associated with another entity, such as a private hospital. In some instances, the automatic retrieval and transmission of the requested data may be undesirable in view of anomalies in the data request.

SUMMARY

According to one aspect of the present application, there is provided a processing device for detecting and addressing anomalies in data retrieval requests. The processing device is part of a first entity computing system and coupled to a memory storing computer-executable instructions which when executed by the processing device causes the processing device to: receive, from a second entity computing system via a secure network, a data retrieval request associated with the second entity computing system; extract profile identity data, at least one data retrieval parameter and request type data from the data retrieval request; retrieve, from a data retrieval rule data source accessible by the processing device, data retrieval rules based on the profile identity data and request type data, the data retrieval rules comprising an indication that the requested data is to be retrieved automatically; retrieve, from a request history data source accessible by the processing device, historical retrieval request data associated with the second entity computing system, the historical retrieval request data comprising at least one prior data retrieval request comprising the profile identity data; determine whether the data retrieval request comprises at least one request anomaly based on the historical retrieval request data; in response to determining that the data retrieval request comprises at least one request anomaly, generate alert data comprising a request to proceed with retrieval of the requested data in accordance with the data retrieval request, and transmit, via another secure network, the alert data for receipt by a computing device; and receive, from the computing device via the another secure network, reply data responsive to the alert data.

According to some aspects, in determining whether the data retrieval request comprises at least one request anomaly the computer-executable instructions when executed by the processing device further cause the processing device to: analyze statistical variation between the historical retrieval request data and the at least one data retrieval parameter.

According to some aspects, the data retrieval request is in respect of payment of an invoice associated with the second entity computing system, the request type data comprises an indication of an account type of the invoice, the at least one data retrieval parameter comprises a payment amount of the invoice, and the at least one prior data retrieval request comprises at least one prior invoice associated with the second entity computing system.

According to some aspects, the computer-executable instructions when executed by the processing device further cause the processing device to, when the reply data comprises request approval data: retrieve, from another data source accessible to the processing device, the requested data in accordance with the data retrieval request, and transmit, via the second secure network, the requested data for receipt by the second entity computing system.

According to some aspects, the computer-executable instructions when executed by the processing device further cause the processing device to, after the transmission of the requested data for receipt by the second entity computing system, determine a state of the another data source, wherein the state comprises an indication that the requested data is no longer stored at the another data source.

According to one aspect, there is provided a non-transitory computer-readable medium for detecting and addressing anomalies in data retrieval requests. The computer-readable medium comprising computer-executable instructions for: receiving, from a second entity computing system via a secure network, a data retrieval request associated with the second entity computing system; extracting profile identity data, at least one data retrieval parameter and request type data from the data retrieval request; retrieving, from a data retrieval rule data source, data retrieval rules based on the profile identity data and request type data, the data retrieval rules comprising an indication that the requested data is to be retrieved automatically; retrieving, from a request history data source, historical retrieval request data associated with the second entity computing system, the historical retrieval request data comprising at least one prior data retrieval request comprising the profile identity data; determining whether the data retrieval request comprises at least one request anomaly based on the historical retrieval request data; in response to determining the data retrieval request comprises at least one request anomaly, generating alert data comprising a request to proceed with retrieval of the requested data in accordance with the data retrieval request, and transmitting, via another secure network, the alert data for receipt by a computing device; and receiving, from the computing device via the another secure network, reply data responsive to the alert data.

According to some aspects, determining whether the data retrieval request comprises at least one request anomaly comprises analyzing statistical variation between the historical retrieval request data and the at least one data retrieval parameter.

According to some aspects, the data retrieval request is in respect of payment of an invoice associated with the second entity computing system, the request type data comprises an indication of an account type of the invoice, the at least one data retrieval parameter comprises a payment amount of the invoice, and the at least one prior data retrieval request comprises at least one prior invoice associated with the second entity computing system.

According to some aspects, the secure network includes a payment network.

According to one aspect, there is provided a method of detecting and addressing anomalies in data retrieval requests. The method comprises, via a processing device of a first entity computing system: receiving, from a second entity computing system, a data retrieval request associated with the second entity computing system; extracting profile identity data, at least one data retrieval parameter and request type data from the data retrieval request; retrieving, from a data retrieval rule data source accessible by the processing device, data retrieval rules based on the profile identity data and request type data, the data retrieval rules comprising an indication that the requested data is to be retrieved automatically; retrieving, from a request history data source accessible by the processing device, historical retrieval request data associated with the second entity computing system, the historical retrieval request data comprising at least one prior data retrieval request comprising the profile identity data; determining whether the data retrieval request comprises at least one request anomaly based on the historical retrieval request data; in response to determining that the data retrieval request comprises at least one request anomaly: generating alert data comprising a request to proceed with retrieval of the requested data in accordance with the data retrieval request, and transmitting, via another secure network, the alert data for receipt by a second computing device; and receiving, from the second computing device via the another secure network, reply data responsive to the alert data.

According to some aspects, when the reply data comprises request approval data, the method further comprises: retrieving the requested data in accordance with the data retrieval request, and transmitting, via the secure network, the requested data to the second entity computing system.

According to some aspects, the method further comprises, after transmitting the requested data for receipt by the second entity computing system: determining a state of the another data source, wherein the state comprises an indication that the requested data is no longer stored at the another data source.

BRIEF DESCRIPTIONS OF THE DRAWINGS

For a better understanding of the various aspects of the application described herein and to show more clearly how they may be carried into effect, reference will now be made, by way of example only, to the accompanying drawings in which:

FIG. 1 depicts a schematic of first entity computing system comprising a processing device for detecting and addressing anomalies in data retrieval requests, according to non-limiting aspects of the application;

FIG. 2 depicts of a data retrieval request, according to non-limiting aspects of the application; and

FIGS. 3 and 4 depict a flowchart illustrating a method of detecting and addressing anomalies in data retrieval requests, according to non-limiting aspects of the application.

DETAILED DESCRIPTION

Herein described are devices and systems for detecting and addressing anomalies in data retrieval requests. It will be appreciated that for simplicity and clarity of illustration, where considered appropriate, reference numerals may be repeated among the figures to indicate corresponding or analogous elements. In addition, numerous specific details are set forth in order to provide a thorough understanding of the exemplary aspects of the present application described herein. However, it will be understood by those of ordinary skill in the art that the exemplary aspects described herein may be practised without these specific details. In other instances, well-known methods, procedures and components have not been described in detail so as not to obscure the exemplary aspects described herein. Also, the description is not to be considered as limiting the scope of the exemplary aspects described herein. Any systems, method steps, method blocks, components, parts of components, and the like described herein in the singular are to be interpreted as also including a description of such systems, method steps, components, parts of components, and the like in the plural, and vice versa.

It will also be understood that for the purposes of this application, “at least one of X, Y, and Z” or “one or more of X, Y, and Z” language can be construed as X only, Y only, Z only, or any combination of two or more items X, Y, and Z (e.g., XYZ, XYY, YZ, ZZ).

In the present application, components may be described as being “configured to” or “enabled to” perform one or more functions. Generally, it is understood that a component that is configured to or enabled to perform a function is configured to or enabled to perform the function, or is suitable for performing the function, or is adapted to perform the function, or is operable to perform the function, or is otherwise capable of performing the function.

FIG. 1 depicts a first entity computing system 100, associated with a first entity 102, and second entity computing system 104, associated with a second entity 106 separate from first entity 102. By way of non-limiting example, first entity 102 and second entity 106 may comprise one or more of an organization, institution and enterprise.

First entity computing system 100 comprises at least one memory 108 and at least one processing device 110.

Memory 108 can comprise any suitable memory device, including but not limited to any suitable one of, or combination of, a local and/or remote volatile memory, non-volatile memory, random access memory (RAM), read-only memory (ROM), hard drive, optical drive, buffer(s), cache(s), flash memory, magnetic computer storage devices (e.g. hard disks, floppy disks, and magnetic tape), optical memory ((e.g., CD(s) and DVD(s)), and the like. Other suitable memory devices are within the scope of the application. As such, it is understood that the term “memory”, or any variation thereof, as used herein may comprise a tangible and non-transitory computer-readable medium (i.e., a medium which does not comprise only a transitory propagating signal per se) comprising or storing computer-executable instructions, such as computer programs, sets of instructions, code, software, and/or data for execution of any method(s), step(s) or process(es) described herein by any processing device(s) and/or microcontroller(s) described herein. Memory 108 comprises or is enabled to store computer-executable instructions 112 for execution by at least one processing device, including processing device 110.

Processing device 110 is coupled to memory 108 and is enabled to control at least some of the operations first entity computing system 100. As used herein, the terms “processing device”, “processing devices”, “processing device(s)”, “processor”, “processors” or “processor(s)” may refer to any combination of processing devices, and the like, suitable for carrying out the actions or methods described herein. For example, processing device 110 may comprise any suitable processing device, or combination of processing devices, including but not limited to a microprocessor, a central processing unit (CPU) and the like. Other suitable processing devices are within the scope of the application.

Although first entity computing system 100 is depicted as a single computing system, it is understood that, according to some aspects of the application, first entity computing system 100 may comprise multiple computing systems and/or computing devices in which one or more of the computing systems and/or computing devices may be remote from each other (e.g., one or more servers, mobile devices and other suitable computing devices).

Processing device 110 is enabled to communicate with at least one computing device 114 via first secure network 116. For example, according to some aspects, processing device 110 is enabled to access first secure network 116 via, for example, communication link 118. Communication link 118 comprises any suitable wired and/or wireless communication link(s), or suitable combination thereof. Processing device 110 may also be enabled to send and/or receive communications from computing device 114 according to any suitable communication protocols which are compatible with first secure network 116. Non-limiting examples of suitable protocols which may be compatible with first secure network 116 are wireless protocols, cell-phone protocols, wireless data protocols, WiFi protocols, WiMax protocols, and/or a combination, or the like, such as Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), Secure Sockets Layer (SSL) and Transport Layer Security (TLS). According to some aspects, processing device 110 is enabled to encrypt data for transmission to computing device 114 and decrypt data received from computing device 114 via first secure network 116.

Computing device 114 is enabled to access first secure network 116 to communicate with first entity computing system 100 via processing device 110. For example, computing device 114 is enabled to access first secure network 116 via communication link 120. Computing device 114 may comprise a communication module suitable for performing the communications with processing device 110 described herein. Communication link 120 comprises any suitable wired and/or wireless communication link(s), or suitable combination thereof. In general, computing device 114 comprises any suitable computing device(s), including but not limited to one or more portable electronic devices, mobile computing devices, portable computing devices, tablet computing devices, laptop computing devices, PDAs (personal digital assistants), cellphones, smartphones, computer terminals and the like. Other suitable computing devices are within the scope of the application. Computing device 114 may be associated with or otherwise accessible to a user 122. User 122 may also be associated with first entity 102. For example, according to some aspects, user 122 is one or more of a client, patient, employee or customer of first entity 102. For the sake of simplicity a single computing device 114 is shown in FIG. 1. However, according to some aspects, more than one computing device 114, associated with or otherwise accessible to a plurality of users, is enabled to access first secure network 116 to communicate with processing device 110 in a manner similar to computing device 114.

First entity computing system 100 (via processing device 110) and second entity computing system 104 are enabled to communicate with each other via second secure network 136 using communication links 138 and 140. Communication link 138 and communication link 140 each comprise any suitable wired and/or wireless communication link(s), or suitable combination thereof.

According to some aspects, processing device 110 is enabled to transmit, via secure network 136, data for receipt by second entity computing system 104 according to any suitable protocol which is compatible with secure network 136. Non-limiting examples of suitable protocols which may be compatible with secure network 136 are wireless protocols, cell-phone protocols, wireless data protocols, WiFi protocols, WiMax protocols, and/or a combination, or the like, such as Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), Secure Sockets Layer (SSL) and Transport Layer Security (TLS). According to some aspects, processing device 110 is enabled to encrypt data for transmission to second entity computing system 104 and decrypt data received from second entity computing system 104 via secure network 136.

In accordance with computer-executable instructions 112, processing device 110 is enabled to receive, from second entity computing system 104 via secure network 136, at least one data retrieval request 124 associated with second entity computing system 104. For example, according to some aspects, data retrieval request 124 comprises a request to transmit data from first entity system 100, such as data accessible to processing device 110, to second entity computing system 104.

As depicted in FIG. 2, according to some aspects, data retrieval request 124 comprises profile identity data 126, at least one data retrieval parameter 128 (or data indicative of at least one data retrieval parameter 128 of data retrieval request 124), and request type data 130 (such as data indicative of the category or type of data retrieval request of data retrieval request 124). According to some aspects, profile identity data 126 comprises data associated with a user of computing device 114, such a unique identifier or other data sufficient to authenticate the association of user 122 with first entity 102. According to some aspects, data retrieval parameter 128 comprises one or more of a type, size and format of the data being requested.

In accordance with computer-executable instructions 112, processing device 110 is enabled to extract profile identity data 126, data retrieval parameter 128 and request type data 130 from data retrieval request 124.

Processing device 110 is enabled to access a plurality of data sources, such as data retrieval rule data source 132 and request history data source 134. Data retrieval rule data source 132 and request history data source 134 comprise any suitable type of data source, or any combination thereof. For example, according to some aspects, data retrieval rule data source 132 and request history data source 134 each comprise one or more of a data structure, a database, a data storage device and a data file. According to some aspects, data retrieval rule data source 132 comprises at least one indication of how data retrieval requests received by first entity computing system 100 or processing device 110 are to be processed. For example, according to some aspects, the at least one indication comprises an indication of a period of time in which the requested data is to be retrieved and transmitted relative to receipt of the data retrieval request 124 by processing device 110.

In accordance with computer-executable instructions 112, processing device 110 is enabled to retrieve data retrieval rules 142 from data retrieval rule data source 132. Retrieved data retrieval rules 142 are based on profile identity data 126 and request type data 130 extracted from data retrieval request 124. Retrieved data retrieval rules 142 also comprise an indication that the requested data is to be retrieved automatically. According to some aspects, “automatically” means in response to receipt of the data retrieval request 124 by first entity computing system 100 at, for example, processing device 110.

According to some aspects, data retrieval rules 142 comprise retrieval preference data 148 which may be provided by user 122 via, for example, an input device of computing device 114. Retrieval preference data 148 may comprise additional rules for retrieving data in accordance with data retrieval requests, such as data retrieval request 124. According to some aspects, the additional rules for retrieving data of retrieval preference data 148 may comprise a directive to overrule and/or replace one or more of data retrieval rules 142 with at least one of the additional rules.

Processing device 110 is further enabled to retrieve historical retrieval request data 144 from request history data source 134. Historical retrieval request data 144 is associated with second entity computing system 104 and comprises at least one prior data retrieval request 146 (also referred to herein as “prior data retrieval request 146”). Prior data retrieval request 146 comprises profile identify data 126 or data associated with profile identity data 126, and, according to some aspects, may also be associated with second entity computing system 104.

In accordance with computer-executable instructions 112, processing device 110 is enabled to determine whether data retrieval request 124 comprises at least one request anomaly based on historical retrieval request data 144. For example, according to some aspects, processing device 110 may analyze statistical variation(s) between historical retrieval request data 144 in respect of data retrieval parameter 128 according to at least one suitable statistical outlier detection test. Non-limiting examples of suitable statistical outlier detection tests are t-tests, Cook's d-test (distance test) and statistical hypothesis testing. For example, according to some aspects, data retrieval parameter 128 comprises a requested size of data to be retrieved from data source 150 (which is accessible to processing device 110) and processing device 110 determines, based on historical retrieval request data 144, that the requested data size is more than three times the mean value of the previously requested data sizes of at least one prior data retrieval request, such as prior data retrieval request 144, and that data retrieval request comprises a request anomaly at least in respect of requested data size.

In accordance with computer-executable instructions 112, processing device 110 is enabled to, in response to determining data retrieval request 124 comprises at least one request anomaly, generate alert data 152 comprising a request to proceed with retrieval of the requested data 154 in accordance with data retrieval request 124, and transmit, via first secure network 116, alert data 152 for receipt by computing device 114. According to some aspects, alert data 152 may comprise an alert message for display at a Graphical User Interface (GUI) of computing device 114.

Processing device 110 is enabled to receive, from computing device 114 via first secure network 116, reply data 156 responsive to alert data 152. According to some aspects, reply data 156 comprises request approval data or other data indicative of a directive for processing device 110 to proceed with retrieving requested data 154 in accordance with data retrieval request 124. According to some aspects, when reply data comprises request approval data, processing device 110 retrieves requested data 154 in accordance with data retrieval request 124 and transmits, via second secure network 136, requested data 154 for receipt by second entity computing system 104. According to some aspects, after transmitting requested data 154 for receipt by second entity computing system 104, processing device 110 is enabled to determine a state of data source 150 which comprises an indication that requested data 154 is no longer stored at data source 150. According to some aspects, processing device 110 may store the determine state(s) as state data 158, or as a subset of state data 158, at a data source accessible to processing device 110, such as reconciliation data source 160. Storing and tracking changes in state of data sources from which data is retrieved (e.g., request data 154) may assist processing device 110, and first entity computing system 100, in the performance of data reconciliation activities.

According to some aspects, reply data 156 comprises request denial data or other data indicative of a directive for processing device 110 not to proceed with retrieving requested data 154 in accordance with data retrieval request 124.

By intercepting data retrieval requests comprising request anomalies, data retrieval requests that would otherwise be fulfilled automatically, and providing an opportunity to further assess whether such a request should be fulfilled, computing system resources may be more efficiently utilized. According to some aspects, the systems, devices and methods of the present application may help avoid the performance of at least some unnecessary processing in respect of data retrieval requests that are ultimately denied (e.g., in which reply data comprising request denial data is received responsive to alert data).

Attention is now directed to FIGS. 3 and 4 which depict a flowchart of a method 300 for detecting and addressing anomalies in data retrieval requests, according to non-limiting aspects of the application. In order to assist in the explanation of method 300, it will be assumed that method 300 is performed using first entity computing system 100, and more particularly processing device 110, as indicated. Furthermore, the following discussion of method 300 will lead to a further understanding of first entity computing system 100 and processing device 110, and the various components therein. However, it is to be understood that first entity computing system 100, processing device 110 and/or method 300 can be varied, and need not work exactly as discussed herein in conjunction with each other, and that such variations are within the scope of present implementations.

It is appreciated that, in some aspects, method 300 is implemented by first entity computing system 100 processing device 110. Indeed, method 300 is one way in which first entity computing system 100 or processing device 110 may be configured. It is to be emphasized, however, that method 300 need not be performed in the exact sequence as shown, unless otherwise indicated; and likewise various blocks may be performed in parallel rather than in sequence; hence the elements of method 300 are referred to herein as “blocks” rather than “steps”. It is also to be understood, however, that method 300 can be implemented on variations of first entity computing system 100 and processing device 110 as well.

At block 302, processing device 110 receives, from second entity computing system 104 via second secure network 136, data retrieval request 124 associated with second entity computing system 104.

At block 304, processing device 110 extracts profile identify data 126, at least one data retrieval parameter 128 and request type data 130 from data retrieval request 124.

At block 306, processing device 110 retrieves, from data retrieval rule data source 132 that is accessible by processing device 110, data retrieval rules 142 based on profile identity data 126 and request type data 130. As discussed above, data retrieval rules 142 comprise an indication that the requested data, such as requested data 154, is to be retrieved automatically.

At block 308, processing device 110 determines whether data retrieval request 124 comprises at least one request anomaly based on historical retrieval request data 144.

If processing device 110 determines that data retrieval request 124 does not comprise at least one request anomaly, then at block 310, processing device retrieves requested data 154 in accordance with data retrieval request 124.

However, in response to determining data retrieval request 124 comprises at least one request anomaly, at block 312 (FIG. 4) processing device 110 generates alert data 152 comprising a request to proceed with retrieval of requested data 154 in accordance with data retrieval request 124 and, at block 314, processing device 110 transmits, via first secure network 116, alert data 152 for receipt by computing device 114.

At block 316, processing device 110 receives, from computing device 114 via first secure network 116, reply data 156 responsive to alert 152. As discussed above, according to some aspects, reply data 156 comprises request approval data or other data indicative of a directive for processing device 110 to proceed with retrieving requested data 154 in accordance with data retrieval request 124. According to some aspects, reply data 156 comprises request denial data or other data indicative of a directive for processing device 110 not to proceed with retrieving requested data 154 in accordance with data retrieval request 124.

The systems, devices and methods described herein are applicable in a variety of contexts in which management of data transmission between multiple computing systems associated with multiple separate entities is to be performed. As such, it is understood that the aspects described below are non-limiting and that the technical advantages of the described systems, devices and methods may be realized in a variety of data management contexts and applications.

Referring to FIG. 1, according to some aspects, first entity computing system 100 and processing device 110 are computing system(s) and device(s) operated by a financial institution, such as a bank, and second entity computing system 104 is a computing system operated by an entity separate from the financial institution, such as a merchant, utility provider or government entity, and which issues at least one invoice for payment by a user with access to or who is otherwise associated with computing device 114 (also referred to herein as an “issuing entity”), such as user 122.

According to some aspects, data retrieval request 124 is in respect of payment of an invoice associated with second entity computing system 104. The payment of the invoice is comprised of funds from at least one transaction account accessible by first entity 102. For example, data source 150 may be associated with at least one transaction account of user 122 and requested data 154 may comprise funds of the at least one transaction account.

According to some aspects, data retrieval parameter 128 comprises a payment amount for the invoice and request type data 130 comprises an indication of an account category or type of the invoice. For example, according to some aspects, request type data 130 comprises an indication that the invoice is in respect of a cellular account operated by second entity 106 and associated with user 122. According to some aspects, second entity 106 is a governmental authority that operates a number of accounts associated with user 122, such as accounts for municipal utilities, waste management and property taxes. According to some aspects, request type data 130 comprises an indication that identifies which one of the accounts operated by second entity 106 and associated with user 122 is the subject of data retrieval request 124 (i.e., is the account in respect the payment is to be made).

As discussed above, processing device 110 is enabled to determine whether data retrieval request 124 comprises at least one request anomaly based on historical retrieval request data 144, and historical request data 144 comprises at least one prior data retrieval request 146. According to some aspects, the at least one prior data retrieval request 146 comprises at least one prior invoice associated with second entity computing system 104, such as a previous property tax invoice issued to user 122 by second entity 106 via second computing system 104.

According to some aspects, in analyzing the statistical variation between historical retrieval request data 144 and data retrieval parameter 128, processing device 110 analyzes the statistical variation between the at least one prior data retrieval request 146 and data retrieval parameter 128. For example, according to some aspects, data retrieval parameter 128 comprises a payment amount of an invoice issued by second entity 106, via second entity computing system 104, to user 122. Processing device 110 may determine that the payment amount is greater than the mean payment amount of previous invoices issued from second entity 106 to user 122 and, as such, data retrieval request 124 comprises at least one request anomaly in respect of the payment amount. According to some aspects, the analysis of statistical variation performed by processing device 110 in respect of prior data retrieval request 146 may be more granular in that only prior invoices issued by second entity 106 to user 122 in respect of the same account type, based on request type data 130, are processed to determine whether data retrieval request 124 comprises an anomaly.

As discussed above, processing device 110 may be enabled to generate and transmit, via secure network 116, alert data 152 for receipt by computing device 114, and receive reply data 156 responsive to alert data 152. According to some aspects, when reply data 156 comprises request approval data, processing device 110 retrieves requested data 154 from data source 150 and transmits requested data 154, via secure network 136, for receipt by second entity computing system 104. For example, according to some aspects, requested data 154 comprises funds from a transaction account associated with data source 150 and user 122, and transmitting requested data 154 comprises transferring the requested funds from the transaction account by Electronic Funds Transfer (ETF), such as Direct Deposit and/or Interac™ e-transfer, or any other suitable manner of transferring the requested funds from first entity computing system 100 to second entity computing system 104.

As discussed above, according to some aspects, after transmitting requested data 154 for receipt by second entity computing system 104, processing device 110 is enabled to determine a state of data source 150 which comprises an indication that requested data 154 is no longer stored at data source 150. For example, processing device 110 may be enabled to determine that the total funds available at a transaction account associated with data source 150 is less the requested funds of requested data 154 (e.g., as a change the balance of the transaction account), accounting for the transfer of the requested funds. According to some aspects, processing device 100 may store the determined state of data source 150 (and the at least one transaction account from which the requested funds were retrieved) as state data 158, or as a subset of state data 158, at a data source accessible to processing device 110, such as reconciliation data source 160. Storing and tracking changes in the state of data sources from which data is retrieved (e.g., data source 150 from which request data 154 may be retrieved) may assist processing device 110, and first entity computing system 100, in the performance of data reconciliation activities, such as tracking the movement of data and/or funds transferred between and from data sources and/or transaction accounts associated with first entity 102.

According to some aspects, secure network 136 is a payment network that may be enabled to transmit data associated with payments to second entity computing system 104. For example, secure network 136 may comprise or otherwise be enabled to access an Automated Clearing House (ACH) network or other network(s) suitable and/or specifically enabled to receive, track and/or transmit data associated with payments. Secure network 136 may, according to some aspects, operate in accordance with laws and/or guidelines associated with at least one relevant governmental authority in compliance with which one or more of first entity computing system 100, second entity computing device 104 and/or processing device 110 operate.

Those skilled in the art will appreciate that in some implementations, the functionality of first entity computing system 100, processing device 110 and method 300 can be implemented using pre-programmed hardware or firmware elements (e.g., application specific integrated circuits (ASICs), electrically erasable programmable read-only memories (EEPROMs), etc.), or other related components. In other implementations, the functionality of first entity computing system 100, processing device 110 and method 300 can be achieved using a computing apparatus that has access to a code memory (not shown) which stores computer-readable program code for operation of the computing apparatus. The computer-readable program code could be stored on a computer readable storage medium which is fixed, tangible and readable directly by these components, (e.g., removable diskette, CD-ROM, ROM, fixed disk, USB drive). Furthermore, it is appreciated that the computer-readable program can be stored as a computer program product comprising a computer usable medium. Further, a persistent storage device can comprise the computer readable program code. It is yet further appreciated that the computer-readable program code and/or computer usable medium can comprise a non-transitory computer-readable program code and/or non-transitory computer usable medium. Alternatively, the computer-readable program code could be stored remotely but transmittable to these components via a modem or other interface device connected to a network (including, without limitation, the Internet) over a transmission medium. The transmission medium can be either a non-mobile medium (e.g., optical and/or digital and/or analog communications lines) or a mobile medium (e.g., microwave, infrared, free-space optical or other transmission schemes) or a combination thereof.

Persons skilled in the art will appreciate that there are yet more alternative implementations and modifications possible, and that the above examples are only illustrations of one or more implementations. The scope, therefore, is only to be limited by the claims appended hereto. 

What is claimed is:
 1. A processing device for detecting and addressing anomalies in data retrieval requests, the processing device being part of a first entity computing system and coupled to a memory storing computer-executable instructions, the computer-executable instructions when executed by the processing device causing the processing device to: receive, from a second entity computing system via a secure network, a data retrieval request associated with the second entity computing system; extract profile identity data, at least one data retrieval parameter and request type data from the data retrieval request; retrieve, from a data retrieval rule data source accessible by the processing device, data retrieval rules based on the profile identity data and the request type data, the data retrieval rules comprising an indication that the requested data is to be retrieved automatically; retrieve, from a request history data source accessible by the processing device, historical retrieval request data associated with the second entity computing system, the historical retrieval request data comprising at least one prior data retrieval request comprising the profile identity data; determine whether the data retrieval request comprises at least one request anomaly based on the historical retrieval request data; in response to determining that the data retrieval request comprises at least one request anomaly: generate alert data comprising a request to proceed with retrieval of the requested data in accordance with the data retrieval request, and transmit, via another secure network, the alert data for receipt by a computing device; and receive, from the computing device via the another secure network, reply data responsive to the alert data.
 2. The processing device of claim 1, wherein the computer-executable instructions when executed by the processing device further cause the processing device to: when the reply data comprises request approval data: retrieve, from another data source accessible to the processing device, the requested data in accordance with the data retrieval request, and transmit, via the second secure network, the requested data for receipt by the second entity computing system.
 3. The processing device of claim 2, wherein the computer-executable instructions when executed by the processing device further cause the processing device to: after the transmission of the requested data for receipt by the second entity computing system: determine a state of the another data source, wherein the state comprises an indication that the requested data is no longer stored at the another data source.
 4. The processing device of claim 1, wherein the reply data comprises request denial data.
 5. The processing device of claim 1, wherein in determining whether the data retrieval request comprises at least one request anomaly, the computer-executable instructions when executed by the processing device cause the processing device to: analyze statistical variation between the historical retrieval request data and the at least one data retrieval parameter.
 6. The processing device of claim 1, wherein the data retrieval rules comprise retrieval preference data.
 7. The processing device of claim 1, wherein: the data retrieval request is in respect of payment of an invoice associated with the second entity computing system; the request type data comprises an indication of an account type of the invoice; the at least one data retrieval parameter comprises a payment amount of the invoice; and the at least one prior data retrieval request comprises at least one prior invoice associated with the second entity computing system.
 8. The processing device of claim 1, wherein the secure network includes a payment network.
 9. The processing device of claim 1, wherein the second computing device comprises a mobile computing device.
 10. A non-transitory computer-readable medium for detecting and addressing anomalies in data retrieval requests, the computer-readable medium comprising computer-executable instructions for: receiving, from a second entity computing system via a secure network, a data retrieval request associated with the second entity computing system; extracting profile identity data, at least one data retrieval parameter and request type data from the data retrieval request; retrieving, from a data retrieval rule data source, data retrieval rules based on the profile identity data and request type data, the data retrieval rules comprising an indication that the requested data is to be retrieved automatically; retrieving, from a request history data source, historical retrieval request data associated with the second entity computing system, the historical retrieval request data comprising at least one prior data retrieval request comprising the profile identity data; determining whether the data retrieval request comprises at least one request anomaly based on the historical retrieval request data; in response to determining that the data retrieval request comprises at least one request anomaly: generating alert data comprising a request to proceed with retrieval of the requested data in accordance with the data retrieval request, and transmitting, via another secure network, the alert data for receipt by a computing device; and receiving, from the computing device via the another secure network, reply data responsive to the alert data.
 11. The non-transitory computer-readable medium of claim 10 further comprising computer-executable instructions for: when the reply data comprises request approval data: retrieving the requested data in accordance with the data retrieval request, and transmitting, via the secure network, the requested data to the second entity computing system.
 12. The non-transitory computer-readable medium of claim 10, wherein the reply data comprises request denial data.
 13. The non-transitory computer-readable medium of claim 10, wherein determining whether the data retrieval request comprises at least one request anomaly comprises analyzing statistical variation between the historical retrieval request data and the at least one data retrieval parameter.
 14. The non-transitory computer-readable medium of claim 10, wherein the data retrieval rules comprise retrieval preference data.
 15. The non-transitory computer-readable medium of claim 10, wherein: the data retrieval request is in respect of payment of an invoice associated with the second entity computing system; the request type data comprises an indication of an account type of the invoice; the at least one data retrieval parameter comprises a payment amount of the invoice; and the at least one prior data retrieval request comprises at least one prior invoice associated with the second entity computing system.
 16. A method of detecting and addressing anomalies in data retrieval requests, the method comprising: via a processing device of a first entity computing system: receiving, from a second entity computing system, a data retrieval request associated with the second entity computing system; extracting profile identity data, at least one data retrieval parameter and request type data from the data retrieval request; retrieving, from a data retrieval rule data source accessible by the processing device, data retrieval rules based on the profile identity data and request type data, the data retrieval rules comprising an indication that the requested data is to be retrieved automatically; retrieving, from a request history data source accessible by the processing device, historical retrieval request data associated with the second entity computing system, the historical retrieval request data comprising at least one prior data retrieval request comprising the profile identity data; determining whether the data retrieval request comprises at least one request anomaly based on the historical retrieval request data; in response to determining that the data retrieval request comprises at least one request anomaly: generating alert data comprising a request to proceed with retrieval of the requested data in accordance with the data retrieval request, and transmitting, via another secure network, the alert data for receipt by a second computing device; and receiving, from the second computing device via the another secure network, reply data responsive to the alert data.
 17. The method of claim 16 further comprising: when the reply data comprises request approval data, retrieving the requested data in accordance with the data retrieval request, and transmitting, via the secure network, the requested data to the second entity computing system.
 18. The method of claim 16, wherein the reply data comprises request denial data.
 19. The method of claim 16, wherein determining whether the data retrieval request comprises at least one request anomaly comprises analyzing statistical variation between the historical retrieval request data and the at least one data retrieval parameter.
 20. The method of claim 16, wherein the data retrieval rules comprises retrieval preference data.
 21. The method of claim 16, wherein: the data retrieval request is in respect of payment of an invoice associated with the second entity computing system; the request type data comprises an indication of an account type of the invoice; the at least one data retrieval parameter comprises a payment amount of the invoice; and the at least one prior data retrieval request comprises at least one prior invoice associated with the second entity computing system. 